Automate the Creating IAM Entities for AWS Cloud Accounts process using the following Cloudformation stack template:
Creating IAM Entities for AWS Cloud Accounts describes a manual process for creating the necessary resources so that you can subsequently configure an AWS Cloud Account into your Redis Cloud Account, allowing your Redis Cloud Account to create resources in your AWS Cloud Account. This is an error-prone process. (It is also possible to configure an AWS Cloud Account using the API.)
This repo contains a template (RedisCloud.yaml) to construct the necessary resources, no matter how whether you want to configure 'By Hand' or 'By API'.
If you configure an AWS Cloud Account by hand you'll be following these instructions
If you configure an AWS Cloud Account using the Cloud API you'll use this specific call
The template will construct the necessary resources required for both approaches. It will show them in the 'output' section of the stack, except for the secrets (AWS_SECRET_KEY and password), which are stored as secrets in the AWS Secret's manager.
The mapping between the stack outputs and the names used in the two different configuration methods is shown below:
| Output | By Hand | By API |
|---|---|---|
| accessKeyId | AWS_ACCESS_KEY_ID | accessKeyId |
| accessSecretKey | AWS_SECRET_ACCESS_KEY | accessSecretKey |
| consolePassword | - | consolePassword |
| signInLoginUrl | - | signInLoginUrl |
| IAMRoleName | IAM Role Name | - |
| consoleUsername | - | consoleUsername |
The cloudformation template is stored in the publicly accessible Redislabs owned bucket at: cloudformation-templates.redislabs.com/RedisCloud.yaml
Copy the template to the bucket thus (assuming the AWS profile redislabs):
aws s3 --profile redislabs cp RedisCloud.yaml s3://cloudformation-templates.redislabs.com